﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Drawing;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class Management_MedicalDirector_Thongtinnhansu : System.Web.UI.Page
{
    static int IDStaff;
    public static Color defautColor;
    static bool kt;
    SqlConnection con = new SqlConnection(GlobalConstant.CONNECTION_STRING);
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            GridView1.DataBind();
        }
    }

    protected void nhansu_Click(object sender, EventArgs e)
    {
        IDStaff = Int32.Parse((sender as LinkButton).CommandArgument);
        StaffInfor1.fillInfor(IDStaff);
        StaffInfor1.lockEdit(true);
        Panel2.Visible = true;
        pnxxx.Visible = true;

        string id = (sender as LinkButton).CommandArgument;
        con.Open();
        string sql = "SELECT * FROM tbLogin WHERE IDStaff='" + IDStaff + "'";
        SqlCommand cmd = new SqlCommand(sql, con);
        SqlDataReader reader = cmd.ExecuteReader();
        if (reader.Read())
        {
            kt = false;
            txtuser.Text = reader.GetString(1).ToString();
            txtpass.Text = reader.GetString(2).ToString();
            ddlrule.SelectedValue = reader.GetInt32(4).ToString();
        }
        else kt = true;
        con.Close();
    }

    protected void update_Click(object sender, EventArgs e)
    {
        string st1 = txtuser.Text;
        string st2 = txtpass.Text;
        string st3 = ddlrule.SelectedValue;
        string sql1 = "UPDATE tbLogin SET  Password='" + st2 + "',  [Rule] ='" + st3 + "' WHERE IDStaff='" + IDStaff + "'";
        string sql2 = "INSERT INTO tbLogin(UserName,Password,[Rule],IDStaff) VALUES('" + st1 + "','" + st2 + "','" + st3 + "','" + IDStaff + "')";
        con.Open();
        string sql;
        if (kt) sql = sql2;
        else sql = sql1;
        SqlCommand cmd = new SqlCommand(sql, con);
        cmd.ExecuteNonQuery();
        con.Close();
        Response.Write("<script>alert('Cập nhật thông tin thành công')</script>");
    }
}